Password value based on geographic location

ABSTRACT

An electronic processing device having GPS card and antenna, such as a laptop or personal digital assistant, can be enable only when a geographic-specific password is entered. Geographic regions are established in the electronic processing device with a user interface and priorities can be granted to the regions. The user further stores a geographic-specific password for each of the geographic regions. When the user travels and wishes to enable the electronic processing device, the GPS card and antenna receive and process the device&#39;s current location. When the user inputs a password, the electronic device determines if the password is appropriate for the current location. If not, access is denied.

TECHNICAL FIELD

This invention relates generally to the field of accessing electronicdevices and more particularly relates to enabling an electronic deviceusing a password associated with a geographic position.

BACKGROUND OF THE INVENTION

People in our society have become increasingly mobile and, notcoincidentally, have increasingly come to rely on their electronicdevices such as laptop computers, cellular phones, hand-held personaldigital assistants, etc. as they travel. These devices, moreover, havebecome increasingly more complex and capable of maintaining a myriad ofprograms as well as maintaining connections with networks such as theInternet. Telecommuting, i.e., maintaining a business office in a placeother than a headquartered office such as one's home and connecting toan employer through a computer or hand-held microprocessing device,occurs across town, across the country, and even across internationalborders. People demand more of their electronic communication devicestoo. People want to be able to conduct personal and/or businessfinancial transactions, legal transactions, communications with businessassociates, employers, employees, family, friends all with one device.

In a perfect world, there would be no need for security of one'sinformation but information has been protected as long as the firstsecret was spoken; and as long as a person or business entity considershis/her own information confidential. An electronic device havingconfidential information may need only be enabled at a place ofemployment or other specific location and it is preferred or evenrequired that access not be granted to the device outside of aparticular locale. The devices, moreover, have become subject tothievery irrespective of the information contained therein. So, it isimperative that a person be able to restrict use of a device.

There are, moreover, a number of security schema which use geographiclocation as a method to restrict access to devices or to enable certaindevices. The Global Positioning System (GPS) was designed for, is fundedand operated by the U.S. Department of Defense (DOD) although there aremany thousands of civilian uses of GPS world-wide. The nominal GPSOperational Constellation consists of twenty-four satellites that orbitthe earth in twelve hours. There are often more than twenty-fouroperational satellites as new ones are launched to replace oldersatellites. A satellite orbit repeats almost the same ground track asthe earth turns beneath them once each day. A system of trackingstations are located around the world with the Master Control facilityat Schriever Air Force Base in Colorado. These monitor stations measuresignals from the satellites which are incorporated into orbital modelsfor each satellite which compute precise orbital data and clockcorrections for each satellite. The Master Control station uploads thecorrected orbital and clock data to the satellites. The satellites thensend subsets of the orbital data to GPS receivers via radio signals allover the world. The GPS receiver processes the signals to computeposition, velocity and time of the satellite and/or the receiver. FourGPS satellite signals are used to compute positions in three dimensionsand the time offset in the receiver clock.

GPS has been used for years in aircraft, ships, etc. but now consumersare using GPS in computers, automobiles, cellular phones, etc. One suchsecurity system is set forth in U.S. Pat. No. 5,922,073 entitled Systemand Method for Controlling Access to Subject Data Using Location DataAssociated with the Subject Data and a Requesting Device to Shimada. Inthis system, a user enters a password associated with the data,simultaneously a GPS receiver detects the location and if the locationis not the proper location attributed to the data, access to the data isprohibited. Shimada restricts access only to data by two independenttests: first, the password entered must be the correct password for thatdata; and second, the requesting device must be in an allowablegeographic location. The password itself is not associated with thegeographic location. Shimada, moreover, allows access to the requestingdevice and limits access only to data, which under some circumstances,may be undesirable. As an example, it is more likely that a hacker willpresume a password to be associated with or correlated to particulardata, as in Shimada, rather than with a particular geographic location.It is easier to invoke data intrusion or hacking algorithms once accessis granted to a requesting device than when the device cannot even beenabled. Additionally, inadvertent access to critical information orother applications resulting in hard-drive failure or other failures ordamage to the system by, for instance, children is easier if a system isenabled and usable. Thus, more secure protection from intentionalintrusion and/or accidental damage occurs when the requesting device maynot even be enabled.

Another device is disclosed in a Research Disclosure 421139 entitledAutomatic laptop reconfiguration based on location of May 1999 in whicha GPS tracking chip within a laptop computer interacts with theoperating system and other program to automatically reconfigure thesystem clock, time zones, telephone numbers to call for networkconnections, etc., upon traveling to different time zones. Access isstill allowed, however, to the computer and its processes, with theattendant risks as described above.

Shimada and other art, moreover, make no accommodation for overlappingand/or adjacent geographic regions and for assigning priorities to thoseregions. A user is tasked with remember which password is applicable towhich data and if she/he crosses a street or enters another building,may be required to enter another password. In this time of memorizingand updating our multitude of passwords, life could be simplified ifonly the password for the highest priority geographic region in whichthe electronic processing device is located need be entered. The userneed not concern herself/himself with remembering which password isassociated with which application or with which building at a site ifthe user need only enter a password for entire site and if the sitepassword has a higher priority than the building password.

There is thus a need in the industry to restrict access to an electronicprocessing device by simply entering a password based on geographiclocation. There is a further need in the industry to allow or restrictaccess to a device in overlapping and/or adjacent geographic locationsin terms of priority of the geographic regions.

SUMMARY OF THE INVENTION

These needs and others that will become apparent to one skilled in theart are satisfied by an processing device, comprising: a user interfaceto interact with a user; location detection electronics; processingelectronics connected to the user interface and the location detectionelectronics; a memory connected to the processing electronics to store aplurality of passwords associated with a plurality of geographicregions; and a gatekeeper to access the processing electronics when aninput password from the user interface is the same as a password inmemory and when the location detection electronics inputs a presentlocation to the processing electronics that is one of the plurality ofgeographic regions with which the input password is associated.

The invention may further be considered a method to establish a passwordin an electronic processing device, comprising the steps of: invoking auser interface of the electronic processing device; entering adescription of a first geographic location; creating a first password;associating the first password with the first geographic region;enabling a user to access information within the electronic device whenthe electronic device is in the first geographic region only when thefirst password is entered by the user.

Entering a description of a first geographic region may be accomplishedin a number of ways. In one embodiment a user may obtain the GPSlocation from GPS processing electronics within the electronicprocessing device and create boundaries by extending a selected distancefrom the GPS location. In another embodiment, a user may delineate theboundaries of the first geographic region using a graphical userinterface on a map containing the first geographic region. Still, yet auser may enter the longitude and latitude coordinates of the boundariesof the geographic region. And yet, a user may enter a street addressassociated with a geographic region.

A user may enter a description of a second geographic region and createa second password associated with the second geographic region.Priorities may assigned to the first and second geographic region. Themethod may further comprise allowing the user to access the electronicprocessing device in the second region by entering the first password ifthe first geographic region is of higher and/or equal priority than thesecond geographic region and the electronic processing device is in anarea of the second region overlapping an area of the first region.Creating a password may further require inspecting the password todetermine it is valid according to password generation rules. The methodfurther contemplates that the first password and the second passwordsare inspected to determine if they are valid according to passwordgeneration rules. The password generation rules may differ from passwordto password and from geographic region to geographic region.

The user may further access information within the electronic devicewhen the electronic device is in the first geographic region only whenthe first password is entered by the user, further comprises determiningthe present location of the electronic device using GPS signalsprocessed by GPS processing electronics within the electronic device.

In another embodiment, the invention is a method to restrict access toan electronic processing device, comprising the steps of: invoking auser interface of the electronic processing device; determining thepresent location of the electronic device; entering ageographic-specific password; allowing access to the electronicprocessing device only when the geographic-specific password isassociated with the present location of the electronic device.

The invention may further be considered a method to protect anelectronic processing device from unauthorized use, comprising the stepsof: invoking a user interface of the electronic processing device;entering a description of at least one geographic location by a methodselected from the group of methods consisting of: obtaining the GPSlocation from GPS processing electronics within the electronicprocessing device and creating boundaries by extending a selecteddistance from the GPS location, delineating the boundaries of the firstgeographic region using a graphical user interface on a map containingthe first geographic region, entering the longitude and latitude of theboundaries of the geographic region, and entering a street addressassociated with a geographic region; creating at least one password;associating each of the at least one password with one of the at leastone geographic region; determining the present location of theelectronic processing device using GPS signals processed by GPSprocessing electronics within the electronic processing device;assigning priority to the at least one geographic region; allowing theuser to use the electronic processing device in the at least onegeographic region by entering the at least one password if the at leastone geographic region is the geographic region associated with the atleast one password or if the at least one password is associated with ageographic region of higher or equal priority that contains the at leastone geographic region.

The invention is also an article of manufacture, comprising a datastorage medium tangibly embodying a program of machine readableinstructions executable by an electronic processing apparatus to performmethod steps for operating the electronic processing apparatus, themethod steps comprising the steps of: storing a plurality ofdescriptions of geographic regions; storing a plurality of passwords,each associated with one or more of the descriptions of geographicregions; assigning a priority to each of the plurality of descriptionsof geographic regions; determining the present location of theelectronic processing device; and allowing a user to use the electronicprocessing device in the present location by entering an input passwordif the present location is within the description of the geographicregion associated with the input password.

The invention is also a secure electronic processing device, comprising:means to store a plurality of descriptions of geographic locations inwhich said secure electronic processing device may be used; means tostore a plurality of geographic-specific passwords, each of saidpasswords associated with each of said geographic locations; means todetermine the present location of said electronic processing device;means to determine that said present location is one of said geographiclocations; means to request an input password from a user; means toallow access to the electronic processing device only if said inputpassword is one of said geographic-specific passwords pertaining to saidpresent location. The means to determine that the present location isone of said geographic locations may further comprise a GPS antenna andGPS processing electronics.

BRIEF DESCRIPTION OF THE DRAWING

The novel features believed characteristic of the invention are setforth in the claims. The invention itself, however, as well as apreferred mode of use, objects and advantages thereof, will best beunderstood by reference to the following detailed description of anillustrative embodiment when read in conjunction with the accompanyingDrawing, wherein:

FIG. 1 is a high-level block diagram of an electronic processing deviceembodied as a computer system capable of implementing the invention.

FIG. 2 is an illustration of a graphical user interface which allows auser to ascribe passwords to a particular geographic region inaccordance with principles of the invention.

FIG. 3 is a data structure of the geographic region data particularlyassociated with a password, priority, and a name.

FIG. 4 is a chart illustrating how which password rule program isassociated with a particular geographic location.

FIG. 5 is a simplified flow chart of how an electronic processing devicecan be enabled during power-on within a geographic location have aparticularized password.

FIG. 6 is a simplified flow chart of processing within an electronicprocessing device to change regions, passwords, priority, or passwordrules of a particular geographic location.

FIGS. 7A and 7B are a simplified flow chart of the processing within anelectronic device which can modify the data structure associated with aparticular geographic location.

FIGS. 8A and 8B are a simplified flow chart of processing within anelectronic device which can be used to modify the password rules withina geographic location.

DETAILED DESCRIPTION OF THE INVENTION

Referring to the Drawing, wherein like numbers denote like partsthroughout the several views, FIG. 1 shows a high-level block diagram ofan electronic processing device 100, consistent with the preferredembodiment. Electronic processing device 100 may comprise a centralprocessing unit (CPU) 105, memory 110, I/O controller and interface 115,network and/or Internet interface 120, and geographic processingelectronics 125 connected to a transmitting/receiving antenna 130.Geographic processing electronics 125 and transmitting/receiving antenna130 may be integrated as in a GPS PCMCIA card such as that disclosed inU.S. Pat. No. 5,861,841 entitled Compact GPS Receiver/Processor toGildea et al. The various devices communicate with each other viainternal communications bus 135 which supports transfer of data,commands and other information between different devices; while shown insimplified form as a single bus, it is typically structured as multiplebuses; and may be arranged in a hierarchical form.

CPU 105 may be a programmable processor, executing instructions storedin memory 110; while a single CPU 105 is shown in FIG. 1, it should beunderstood that electronic processing systems having multiple CPUs couldbe used. Memory 110 is a random-access semiconductor memory for storingdata and programs; memory is shown conceptually as a single monolithicentity, it being understood that memory is often arranged in a hierarchyof caches and other memory devices. Operating system 140 andapplications 145 reside in memory 110. Operating system 140 provides,inter alia, functions, such as device interfaces, management of memorypages, management of multiple tasks, etc. as is well-known in the art.Applications 145 may include a browser which provides a user-interfaceto the world wide web through the network/Internet interface 120. Someapplications 145 including the browser may be integrated into operatingsystem 140. I/O controller 115 may support the attachment of a single ormultiple terminals, and may be implemented as one or multiple electroniccircuit cards, adapters, or other units one of which may be a displayadapter to support video display 150, which may be a cathode-ray tubedisplay or a touch panel, although other display technologies may beused. A keyboard/pointer adapter supports keyboard or keypad 152 andpointing device 154 depicted as a mouse, it being understood that otherforms of input devices such as a pointing stylus could be used. Astorage adapter supports one or more data storage devices 156 which maybe rotating magnetic or optical disk drives, although other data storagedevices could be used. A printer adapter supports printer and/or otheroutput devices, such as speakers (not shown). Other adapters may supportany of a variety of additional devices, such as communication hub 158,audio devices, etc.

Network/Internet interface 120 provides a physical connection fortransmission of data to and from the Internet or any other network, andcould use any various available technologies. This interface maycomprise a modem connected to a telephone line, through which anInternet access provider or on-line service provider is reached, butincreasingly other higher bandwidth interfaces are implemented. Forexample, electronic processing device 100 may be connected to a localmainframe computer system via a local area network using an Ethernet,Token Ring, or other protocol, the mainframe in turn being connected tothe Internet. Alternatively, Internet access may be provided throughcable TV, wireless, or other types of connection.

The electronic processing device shown in FIG. 1 is intended to be asimplified representation of a computer system, it being understood thatmany variations in system configuration are possible in addition tothose specifically mentioned here. Electronic processing device 100 neednot be a personal computer system such as that depicted in FIG. 1, andit may be a larger computer system, such as another server, or a smallercomputer system, such as a notebook or laptop computer. Finally,electronic processing device 100 need not be a computer at all, but maybe a simpler appliance-like client devices with less memory. It is fullyintended that electronic processing device 100 include any electronicdevice which may interact through user-interfaces to execute aprocessing application and to be able to transmit/receive data relatingto geographic location, and in response thereto, enable processingwithin the electronic processing device. Examples of other intendedelectronic processing devices 100, which list is not intended to beexhaustive but merely exemplary, include a network terminal or a thinclient or other terminal-like devices having smaller memory; voiceresponse units (VRUs); terminals; world wide web browsers; and evenpervasive mobile devices, such as personal digital assistants, pagers,and cell-phones.

As will be described in detail below, aspects of the preferredembodiment pertain to specific method steps implementable on anelectronic device having a computer processor. In an alternativeembodiment, the invention may be implemented as a computerprogram-product for use with an electronic processing device 100. Theprograms defining the functions of the preferred embodiment can bedelivered to the electronic processing device 100 via a variety ofsignal-bearing media, which include, but are not limited to informationstored on a writable or non-writable storage media, e.g., read onlymemory devices such as magnetic or optical disks readable by a diskdrive or floppy disks within diskette drive or hard-disk drive; orinformation conveyed to a computer by a telephone or a cable medianetwork, including wireless communications. Such signal-bearing media,when carrying computer-readable instructions that direct the functionsof the present invention, represent alternative embodiments of thepresent invention.

Each electronic processing system 100 has the necessary combination ofhardware and software to implement a user interface by which a user caninteract with the electronic processing device. FIG. 2 is an example ofa user interface by which the user can implement the location-specificpassword features of the invention. Given a user interface, such as amap 210 shown on a monitor, for example, a user can move the boundariesof a geographic location or enter the coordinates, either inlongitude/latitude or some other x-y or polar coordinate system, of aregion 212 for which he/she wishes to implement a specific password.Shown in FIG. 2 are four regions: (a) the city limits 214; (b) home 216;(c) work 218; (d) school 220. Given the user interface, the user thendefines the boundaries of each of these regions, perhaps by entering anaddress or by moving the arrows of a graphical user interface, by voicecommands, etc. Alternatively, the user may be able to physically placethe electronic device in a geographic region and the GPS processingelectronics will automatically set the boundaries of the region if theuser indicates that the particular location is intended to be a boundaryof the region. In accordance with an embodiment of the invention, theuser presents a password for each of the regions. There may be a parentregion, such as that circumscribed by the city limits 214. Within thatparent region 214, there may be child regions home 216 and school 220,which may have the same or different password. If the passwords are thesame, a user having only the child password may access the device onlyin regions home 216 and school 220, while a user with the parentpassword may access the device anywhere within the city limits 214. Theinvention makes accommodations for overlapping regions such as thatshown with work 218 and school 220. In any event, once within thegeographic location, if the proper password is not input, access to thedevice is denied.

FIG. 3 is a table of data records used by the processes of theinvention. Corresponding to each of the geographic regions programmed,each represented by a row 320, there is associated the locationcoordinates of the region 312, preferably in signal format for GPSalthough other geographic descriptions may also be used; a priorityfield 314; a password 316; and an optional name 318 of the region, suchas “work” or “home.” The priority column 314 is the priority of thegeographic region 320. Given overlapping regions such as the work andschool regions 218, 220 in FIG. 2, the region having the highestpriority is the one that determines the password required to gain accessto the devices and/or a specific function. This data can be stored inmemory 110 or can be generated immediately upon start up of theelectronic processing device.

The password may be constrained by password rules. Password rules mayrange from complex mathematical encryption to simple rules like “thepassword must be at least eight alpha-numeric characters with at leasttwo numbers and without any two subsequent characters being the samecharacter.” There are a myriad of password rules. FIG. 4 is a chartrepresenting the password rules program 412 for any password associatedwith this geographic region 320. The password rules, moreover, may varyfrom region to region, e.g., the password rules for “work” may be morestringent or just different than any passwords set for home. Thepassword rules verification program 412 for each geographic region isexecuted to ensure that the password created meets the rules for thatregion 320.

FIG. 5 is a simplified flow chart of the process by which to use thegeographic-specific passwords in accordance with a preferred embodimentof the invention. In step 510, an electronic device has been started andin step 520, power-up processing occurs. In step 530, the geographiclocation of the electronic processing device is determined, preferablyby using the GPS data that is received using GPS processing electronicsinstalled in the device. Given a specific location, in step 540 theprocess continues and retrieves the highest priority regions associatedwith the processed geographic location. If a region name is available,as in step 550, it is displayed in step 560. Regardless, in step 570,the user is prompted to enter a password. The process in step 580compares the entered password with the passwords associated with theregions of highest priority in the geographic location. There may beseveral regions of equal priority associated with a particulargeographic location. In this case in the preferred embodiment, the usercan enter either password to gain access. If the password passes muster,normal processing ensues as in step 590, otherwise, the user is againprompted for a password in step 570.

FIG. 6 is a flowchart of normal processing and proceeds from step 570.In step 610, a user initiates an action on the user interface and theprocess responds in step 620 by asking if the user wishes to modify ordelete or add regions, passwords, priorities. If so, then in step 630,execution is diverted to a program to do so, as will be explained. Ifnot, the user is asked in step 640 if he/she wishes to modify thepassword rules. If yes, then in step 650, execution is diverted to aprogram to modify the rules as in step 650. If the user does not wish tomodify the regions, passwords, priorities, or password rules, then instep 660, normal processing of other user actions occurs.

FIGS. 7A and 7B are a simplified process diagram following from step 630of FIG. 6. In step 700, the process is initiated, and in step 710, auser interface is invoked. As discussed, the user interface may be a mapof the geographic location which can be manipulated to determine regionsor it may be as simple as a request to enter longitude and latitudecoordinates, street addresses, etc. Given the user interface, theprogram requests an action from the user in step 711. If the user wantsto modify an existing password, as in step 712, then in step 714, theprogram retrieves the region data structure 310 set forth in FIG. 3. Theregion associated with the password to be modified is highlighted orotherwise indicated, as in step 716. The user is prompted to enter a newpassword in step 718 and in step 720, the process determines if thereare any rules associated with this region. If so, then in steps 722 and724, the process inspects the new password for compliance with thepassword rules and, if in compliance, the process is routed back toblock 720 to determine if there are any other password rules for theregion. If not, then in step 730, the password is changed and the useris prompted for another event, as in step 711. If, however, the newpassword is not in compliance with the password rules, then in step 726a message is provided to the user and the program exits at step 728.

In FIGS. 7A and 7B, if the user does not wish to change a password atstep 712, then the process inquires if the user wishes to create a newregion in step 740. If so, then in step 742, the user enters theboundaries of the geographic region the user wishes to associate with apassword, preferably using a graphical user interface to draw a polygoncircumscribing the region. Otherwise, the user may just enter theboundaries or the latitude/longitude data, legal description, etc. Theprogram creates a data record 320 for the region in step 744 includingthe priority and name of the region. The process then jumps to step 716to highlight the region and prepare for entry and verification of a newpassword as described above.

In step 740, if the user does not wish to create a region, then in step746, the process inquires of the user if she/he wishes to modify thesize of the region. If so, then in step 748, the user manipulates orotherwise enters the modified size of the region with the user interfaceand the process continues to step 716 above. If, however, the user doesnot wish to create or modify a region, then in step 750, the user isasked if she/he wishes to delete a region. If so, the region is deletedin step 752 and the user is requested for a user action as in step 711.Otherwise, the program exits as in step 728.

FIGS. 8A and 8B are a simplified flow chart of the process by which therules of a password may be changed proceeding from step 650 of FIG. 6.In step 800, the program is initiated and in step 810, the processinquires if the user is permitted access to change the password rules.Often, this step is set by an administrator of the password rulesassociated with the electronic processing device. If the user ispermitted to change the password rules, then in step 812, the work isinitialized with an appropriate user interface window. In step 814, theuser initiates an event and the process determines if the event is tocreate a rules region, as in step 816. If so, then with a userinterface, the user creates a region in step 818 and in step 820acquires the name of the rules program.

While various embodiments of the present invention have been describedabove, it should be understood that they have been presented by way ofexample and not limitation and that variations are possible. Thus, thebreadth and scope of the present invention should not be limited by anyof the above-described exemplary embodiments, but should be defined onlyin accordance with the following claims and their equivalents.

1. An electronic processing device, comprising: (a) a user interface tointeract with a user; (b) location detection electronics; (c) processingelectronics connected to the user interface and the location detectionelectronics; (d) memory to store a plurality of geographically-uniquepasswords, wherein each geographically-unique password is associatedwith one or more of a plurality of geographic regions, the memoryconnected to the processing electronics; (e) a gatekeeper to access theprocessing electronics when a password input on the user interface thatis the same as at least one the plurality of geographically-uniquepasswords in memory and when the location detection electronics inputs apresent location to the processing electronics that is one of theplurality of geographic regions with which the input password isassociated.
 2. A method to establish a geographically-unique password inan electronic processing device, comprising the steps of: (a) invoking auser interface of the electronic processing device; (b) entering adescription of a first geographic location; (c) creating a firstgeographically-unique password; (d) associating the firstgeographically-unique password with the first geographic region; (e)enabling the electronic device when the electronic device is in thefirst geographic region only when the first geographically-uniquepassword is entered by the user.
 3. The method of claim 2, wherein thestep of entering a description of a first geographic region furthercomprises: (a) obtaining the GPS location from GPS processingelectronics within the electronic processing device; and (b) creatingboundaries by extending a selected distance from the GPS location. 4.The method of claim 2, wherein the step of entering a description of afirst geographic region further comprises: (a) delineating theboundaries of the first geographic region using a graphical userinterface on a map containing the first geographic region.
 5. The methodof claim 2, wherein the step of entering a description of a firstgeographic region further comprises entering the longitude and latitudecoordinates of the boundaries of the geographic region.
 6. The method ofclaim 2, wherein the step of entering a description of a firstgeographic region further comprises entering a street address associatedwith a geographic region.
 7. The method of claim 2, further comprising:(a) entering a description of a second geographic region; (b) creating asecond geographically-unique password associated with the secondgeographic region.
 8. The method of claim 7, further comprising: (a)assigning a priority to the first and second geographic region.
 9. Themethod of claim 8, further comprising: (a) allowing the user to accessthe electronic processing device in the second region by entering thefirst geographically-unique password if the first geographic region isof higher and/or equal priority than the second geographic region andthe electronic processing device is in an area of the second regionoverlapping an area of the first region.
 10. The method of claim 2,wherein the step of creating a geographically-unique password furthercomprises: (a) inspecting the geographically-unique password todetermine if it is valid according to password generation rules.
 11. Themethod of claim 7, wherein the step of creating the firstgeographically-unique password and the second geographically-uniquepassword further comprises inspecting the first and secondgeographically-unique passwords to determine if they are valid accordingto password generation rules.
 12. The method of claim 11, wherein thepassword generation rules for the first geographically-unique passwordare different than the password generation rules for the secondgeographically-unique password.
 13. The method of claim 2, wherein thestep of enabling the electronic device when the electronic device is inthe first geographic region only when the first geographically-uniquepassword is entered by the user, further comprises determining thepresent location of the electronic device using GPS signals processed byGPS processing electronics within the electronic device.
 14. A method toprotect an electronic processing device from unauthorized use,comprising the steps of: (a) invoking a user interface of the electronicprocessing device; (b) entering a description of at least one geographiclocation by a method selected from the group of methods consisting of:obtaining the GPS location from GPS processing electronics within theelectronic processing device and creating boundaries by extending aselected distance from the GPS location, delineating the boundaries ofthe first geographic region using a graphical user interface on a mapcontaining the first geographic region, entering the longitude andlatitude of the boundaries of the geographic region, and entering astreet address associated with a geographic region; (c) associating atleast one geographically-unique password with one of the at least onegeographic regions; (d) determining the present location of theelectronic processing device using GPS signals processed by GPSprocessing electronics within the electronic processing device; (e)assigning priority to the at least one geographic region; (f) allowingthe user to use the electronic processing device in the at least onegeographic region by entering the at least one geographically-uniquepassword if the at least one geographic region is the geographic regionassociated with the at least one geographically-unique password or ifthe at least one geographically-unique password is associated with ageographic region of higher or equal priority that contains the at leastone geographic region.
 15. An article of manufacture, comprising a datastorage medium tangibly embodying a program of machine readableinstructions executable by an electronic processing apparatus to performmethod steps for operating the electronic processing apparatus, saidmethod steps comprising the steps of: (a) storing a plurality ofdescriptions of geographic regions; (b) storing a plurality ofgeographically-unique passwords, the geographically-unique passwordsbeing each associated with one or more of the descriptions of geographicregions; (c) assigning a priority to each of the plurality ofdescriptions of geographic regions; (d) determining the present locationof the electronic processing device; and (e) allowing a user to use theelectronic processing device in the present location by entering aninput password if the present location is within the description of thegeographic region associated with the input password.
 16. A secureelectronic processing device, comprising: (a) means to store a pluralityof descriptions of geographic locations in which said secure electronicprocessing device may be used; (b) means to store a plurality ofgeographically-unique passwords, each of said passwords associated withat least one of said geographic locations; (c) means to determine thepresent location of said electronic processing device; (d) means todetermine that said present location is one of said geographiclocations; (e) means to request an input password from a user; (f) meansto enable the electronic processing device only if said input passwordis one of said geographically-unique passwords pertaining to saidpresent location.
 17. The secure electronic processing device of claim16, wherein the means to determine that said present location is one ofsaid geographic locations further comprises a GPS antenna and GPSprocessing electronics.